Expand description
Plugin discovery and manifest types.
Structs§
- Manifest
- Declarative metadata a plugin ships with itself. The wire shape is
JSON; the on-disk convention (sibling file, embedded resource,
--manifestflag, …) is deliberately out of scope of this struct and will be settled in a follow-up. - Manifest
With Name AndSource - A
Manifestenriched with the plugin’s identifyingnameand thesourceit was loaded from. Used when listing or describing installed plugins, where the bare manifest fields are not enough to identify which plugin they belong to or where they came from. - McpServer
- MCP server entry inside
Manifest::mcp_servers. Sameurl+authorizationsemantics asobjectiveai_sdk::agent::McpServerplus anamefield that agent declarations reference (viaobjectiveai_sdk::agent::ClientObjectiveaiMcpPluginEntry::mcp_servers). - Viewer
Route - One HTTP route a plugin’s viewer registers on the host viewer’s
embedded axum server. The full path served is
/plugin/<repository>/<self.path>; on a hit, the body is JSON-decoded and forwarded as aPluginRequest { type: self.type, value: body }event to the frontend. - Whitelist
Entry - One whitelist row. Each field is a regex matched anchored
against the corresponding install parameter (compiled as
^(?:pattern)$). All four fields must match for the row to allow the install.
Enums§
- Http
Method - HTTP methods supported by
ViewerRoute. Serializes as upper-case ("GET","POST", …) on the wire. - Install
Error - Failures the plugin install pipeline can encounter. Shape modelled
after
objectiveai-api’sgithub::Error: split request / response / status / parse so diagnostics name what failed, plus IO variants for the local-disk side of the flow.
Functions§
- check_
plugin_ whitelist - Returns
Ok(true)iff the quadruple matches at least one entry inwhitelist. Each field is compiled as^(?:pattern)$so patterns likeObjectwon’t matchObjectAttacker. ReturnsErr(regex::Error)if any pattern fails to compile. - default_
whitelist - The hard-coded default whitelist. Single entry: any repo under
the ObjectiveAI GitHub org passes; everything else requires
--insecure. - raw_
manifest_ url - Convention: the raw-GitHub URL we’d fetch
objectiveai.jsonfrom for a given (owner, repository, optional commit sha). Defaults toHEADwhen no commit is supplied. Lifted out so the cli and the SDK’s owninstall_pluginwrapper share one source of truth.